EClamdScanValidator validates files against the clamd daemon from the ClamAV antimalware.
- Yii 1.1 or above.
- PHP 5.3 or above.
- Sockets extension and support for TCP streams.
- ClamAV daemon (in Ubuntu you must install the clamav-daemon package) listening to a TCP port (by default 3310). You must configure clamd.conf in order to achieve this. Important configuration keys are these:
Note that the STREAM protocol of clamd needs the client to open a "data" connection to another random TCP port in order to send the data file. You must allow this at firewall level.
It is suggested that you install the freshclam package (or include it in compilation) in order to keep virus signatures up to date.
In your rules add:
There's a number of configuration options:
- host - Which host to connect to. Default: 'tcp://127.0.0.1' (notice the tcp:// protocol)
- port - Port in which clamd is listening for connections. Default: 3310
- maxStreamSize - Maximun size of a "stream" (file) to be scanned. Default: 26843545600. This is in direct relation with the StreamMaxLength value in clamd.conf
- invalidOnError - Wheter to mark the attribute invalid in case of an error. Default: false
- invalidOnErrorMessage - Message to dislpay on error. Default: null
- maxFiles - Maximun number of files to be validated. Default: 1
- 1.3 - Now you can use the placeholder "[file]" (without quotes) in you custom "message" in order to display the name of the infected file.
- 1.2 - Bugfix.
- 1.1 - Now you can customize the "message", including the "[virus]" placeholder (without quotes) at the place you want to include the name of the malware found. Also, some minor bug fixes are included.
Discussion and bug report.
External resources ¶
- Use INSTREAM in place of STREAM (help needed).
- Better error handling.